Re: [SLE] stopping dictionary attacks on sshd (a tcp_wrappers problem)
- From: Damon Register <damon.register@xxxxxxxxxxx>
- Date: Sat, 25 Mar 2006 18:03:21 -0500
Carlos E. R. wrote:
time of the connection, the only thing known is the IP. From the IP the system finds out a name... that will not be that of noip.com, but one from their ISP, or none at all.that is embarassing. I should have thought of that. I just tried
nslookup of my dad's hopto address. I put the number it gave into
nslookup to get the name that his ISP gives. I put that name into
hosts.allow and my dad was able to ftp a file with no trouble
Bad luck.yes.
authentificated email saying the IP that he is comming from. The robot, fired by procmail, interprets that, adds the IP to the hosts.allow file,That could work but too complicated for me. I was thinking I could
make a script that does what I just did manually with my dad's
address.
Another idea: use the "recent" module of iptables to automatically block repeated "polls". There was a brief thread in the security list time ago.I think I stumbled on that in googling around today. That sounds
interesting but I suppose that I would have to use something newer
than SuSE 9.0. The one thing that was holding me back on upgrading
is a strange problem with Western Digital drives which one post I
saw refered to as the winmodems of the hard drive world. In previous
experimenting, they seemed to have real trouble with the 2.6 kernel.
Since I am not using those drives any more, I could upgrade SuSE
although my real goal is to create a similar router/server setup with
Solaris 10 (a learning experience, not because I have to).
Thanks for your help
Damon Register
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx
- Follow-Ups:
- References:
- Re: [SLE] stopping dictionary attacks on sshd (a tcp_wrappers problem)
- From: Damon Register
- Re: [SLE] stopping dictionary attacks on sshd (a tcp_wrappers problem)
- From: Carlos E. R.
- Re: [SLE] stopping dictionary attacks on sshd (a tcp_wrappers problem)
- Prev by Date: Re: [SLE] DVD Playback - Region Encoding
- Next by Date: Re: [SLE] Netscape 8.1 for Linux
- Previous by thread: Re: [SLE] stopping dictionary attacks on sshd (a tcp_wrappers problem)
- Next by thread: Re: [SLE] stopping dictionary attacks on sshd (a tcp_wrappers problem)
- Index(es):
Relevant Pages
|
